The incident, which has only affected select Premium subscribers, has raised concerns within the cybersecurity community. Although Pornhub emphasizes that this was not a direct breach of its systems, the situation highlights the risks associated with third-party vendors managing sensitive analytics data.
ShinyHunters, known for high-profile leaks such as the LinkedIn data dumps, publicly claimed responsibility for the Mixpanel breach on BreachForums.
They advertised “fresh Pornhub Premium user analytics” among datasets from victims like Google and ChatGPT. Security researchers confirmed the group’s post aligns with Mixpanel’s internal notification to clients.
Pornhub’s official statement clarifies the scope: the breach occurred entirely within Mixpanel’s environment, involving a “limited set of analytics events” for some Premium users.
Crucially, no passwords, credentials, payment details, or government IDs were compromised. Pornhub ceased using Mixpanel in 2021, but legacy user-interaction data, such as session logs or behavioral metrics, may have been scraped.
| Affected Data | Status | Risk Level |
|---|---|---|
| Analytics events (e.g., session data) | Exposed (limited users) | Low |
| Passwords/credentials | Not exposed | None |
| Payment/financial info | Not exposed | None |
| Government IDs | Not exposed | None |
Pornhub launched an internal probe immediately upon Mixpanel’s alert, enlisting cybersecurity experts and coordinating with authorities. “We are working diligently to determine the nature and scope,” the company stated, committing to “best practices in cybersecurity and international privacy standards.”
Users are urged to monitor accounts for phishing or odd activity. Enable multi-factor authentication (MFA) and scan for malware, experts advise. Pornhub reiterated: protecting its community remains the top priority.
This event echoes supply-chain vulnerabilities seen in SolarWinds and MOVEit attacks. Mixpanel’s breach highlights how dormant vendor ties can resurface risks years later. As ShinyHunters peddles the data, affected users should check Have I Been Pwned for updates.
Avoid responding to phishing emails claiming to be from Pornhub. No password resets are required at this time, as login credentials were not affected.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post PornHub Breached by ShinyHunters Group and Premium Members’ Data Stolen appeared first on Cyber Security News.
Gong has announced a business update following the end of its most recent quarter. As…
If it isn’t sewage that water firms are leaking into rivers, then it’s your data…
IFS Ultimo has announced that EUROGATE is to deploy its AI-powered Enterprise Asset Management solution…
Engineers are often drowning in data for which they need answers. That often means digging…
Are the EarFun Air Pro 4 Plus the best sub-$100 earbuds around? These new buds,…
If you're looking to expand your library of physical games ahead of summer, we have…
This website uses cookies.